!tCyGickeVqkHsYjWnh:nixos.org

NixOS Networking

871 Members
Declaratively manage your switching, routing, wireless, tunneling and more. | Don't rely on `networking.*` for interface and routing setup, use systemd-networkd, ifstate or NetworkManager instead. | Set `SYSTEMD_LOG_LEVEL=debug` to debug networking issues with networkd | No bad nft puns, please. | Room recommendations: #sysops:nixos.org249 Servers

Load older messages

SenderMessageTime
18 Nov 2025
@magic_rb:matrix.redalder.orgmagic_rb
In reply to @elisaado:matrix.org
anyone running nixos as a router?
I used to 		13:29:33
@kraftnix:kraftnix.devkraftnixI have in my homelab for the past few years14:16:22
@nico:c3d2.deNico
In reply to @elisaado:matrix.org
anyone running nixos as a router?
🙋 		16:41:54
@autiboy:matrix.mautiweb.netAutiboyHow do you all have it setup?17:04:05
@k900:0upti.meK900https://gitlab.com/K900/nix/-/tree/master/machines/bananya?ref_type=heads17:05:43
@elisaado:matrix.orgelisaado interesting 17:20:54
@jappie:jappie.devjappieI used to while studying at uni: networkd w/ ipmasquerading, ipforwarding & dhcp server and hostapd for wifi, all on an rpi :p17:30:03
@hash:hcrypt.nethashdo you run a slim version of nixos or the default image?18:07:36
@k900:0upti.meK900What is a "slim version of nixos"?18:13:29
@albertlarsan68:albertlarsan.frAlbert Larsan The *-small channels aren't actually slimmer, they are jsut updated more frequently due to having less packages built for it. 19:16:51
@albertlarsan68:albertlarsan.frAlbert Larsan * The *-small channels aren't actually slimmer, they are just updated more frequently due to having less packages built for it. 19:17:08
@jopejoe1:matrix.orgjopejoe1 (4094@39c3) changed their display name from jopejoe1 to jopejoe1 (4049@39c3).20:16:43
@jopejoe1:matrix.orgjopejoe1 (4094@39c3) changed their display name from jopejoe1 (4049@39c3) to jopejoe1 (4094@39c3).20:18:11
19 Nov 2025
@elisaado:matrix.orgelisaadooh fun, did it work well?02:02:39
@nico:c3d2.deNico
In reply to @autiboy:matrix.mautiweb.net
How do you all have it setup?

Combination of IfState for interface configuration (supports network namespaces and vrf's), nftables and frr for dynamic routing

I also run it in a BPI-R4 similar to K900, but I haven't finished this project yet... Wifi not working yet

08:05:20
@magic_rb:matrix.redalder.orgmagic_rbMy flatmate flashed openwrt on my bpi-r4...08:06:21
@magic_rb:matrix.redalder.orgmagic_rb boring 08:06:33
@jappie:jappie.devjappieit was good enough, wired worked fine, wifi was of course not the fastest and the signal didn't reach the shared accommodation, but it was a fun project and I didn't have any real outages / things going wrong08:22:53
@kraftnix:kraftnix.devkraftnixcustom built 5600ge with lots of extra 10Gb NICs, systemd-networkd /w bridges, vlans, policy routing, nftables fw, coredns + blocky for dns, dnsmasq for dhcp, runs some extra/misc nspawn containers due to extra capacity, also a locked down caddy which fronts all the misc access point, managed switch etc. web interfaces so they are easier to access (including from my wireguard)15:21:50
@j0squ4red:matrix.orgjosqu4red joined the room.22:29:08
20 Nov 2025
@mocrate:matrix.orgmocrate joined the room.01:12:35
@user12592851:matrix.orgJohn joined the room.04:51:19
@yzhyhalo:matrix.orgYevhen Zhyhalo joined the room.16:08:34
@skorpy:entropia.deskorpy (she/her) changed their display name from skorpy (she/her or none) 🏳️‍⚧️ to skorpy (she/her).17:12:29
21 Nov 2025
@isabel:isabelroses.comisabel changed their profile picture.18:14:31
22 Nov 2025
@raboof:matrix.orgraboof joined the room.12:54:10
@raboof:matrix.orgraboofpossibly not nixos-specific, but perhaps someone here recognizes this behaviour16:31:46
@raboof:matrix.orgraboof

I'm trying to configure a rpi to monitor the wlan and wired connections. both are on the same network (192.168.1.0/24). when both are enabled, I'm having a hard time using the wireless connection. For example, when I curl --interface enu1u1u1 http://2.18.244.76, tcpdump as expected goes:

17:27:41.606428 enu1u1u1 Out IP 192.168.1.101.45516 > 2.18.244.76.80: Flags [S], seq 3074758675, win 64240, options [mss 1460,sackOK,TS val 1422732498 ecr 0,nop,wscale 7], length 0
17:27:41.611238 enu1u1u1 In  IP 2.18.244.76.80 > 192.168.1.101.45516: Flags [S.], seq 69448321, ack 3074758676, win 65160, options [mss 1452,sackOK,TS val 527341513 ecr 1422732498,nop,wscale 7], length 0
17:27:41.611400 enu1u1u1 Out IP 192.168.1.101.45516 > 2.18.244.76.80: Flags [.], ack 1, win 502, options [nop,nop,TS val 1422732503 ecr 527341513], length 0
17:27:41.611657 enu1u1u1 Out IP 192.168.1.101.45516 > 2.18.244.76.80: Flags [P.], seq 1:76, ack 1, win 502, options [nop,nop,TS val 1422732503 ecr 527341513], length 75: HTTP: GET / HTTP/1.1
17:27:41.616315 enu1u1u1 In  IP 2.18.244.76.80 > 192.168.1.101.45516: Flags [.], ack 76, win 509, options [nop,nop,TS val 527341518 ecr 1422732503], length 0
17:27:41.632673 enu1u1u1 In  IP 2.18.244.76.80 > 192.168.1.101.45516: Flags [FP.], seq 1:517, ack 76, win 509, options [nop,nop,TS val 527341518 ecr 1422732503], length 516: HTTP: HTTP/1.0 400 Bad Request
17:27:41.633322 enu1u1u1 Out IP 192.168.1.101.45516 > 2.18.244.76.80: Flags [F.], seq 76, ack 518, win 501, options [nop,nop,TS val 1422732524 ecr 527341518], length 0
16:33:08
@raboof:matrix.orgraboof

however, when I curl --interface wlan0 http://2.18.244.76:

17:27:54.743874 wlan0 Out IP 192.168.1.212.42430 > 2.18.244.76.80: Flags [S], seq 2483937156, win 64240, options [mss 1460,sackOK,TS val 227351562 ecr 0,nop,wscale 7], length 0
17:27:54.754041 wlan0 In  IP 2.18.244.76.80 > 192.168.1.212.42430: Flags [S.], seq 1128095182, ack 2483937157, win 65160, options [mss 1452,sackOK,TS val 527354654 ecr 227351562,nop,wscale 7], length 0
17:27:54.761158 wlan0 In  IP 2.18.244.76.80 > 192.168.1.212.42430: Flags [S.], seq 1128095182, ack 2483937157, win 65160, options [mss 1452,sackOK,TS val 527354662 ecr 227351562,nop,wscale 7], length 0
17:27:56.787444 wlan0 In  IP 2.18.244.76.80 > 192.168.1.212.42430: Flags [S.], seq 1128095182, ack 2483937157, win 65160, options [mss 1452,sackOK,TS val 527356685 ecr 227351562,nop,wscale 7], length 0
17:28:00.933524 wlan0 In  IP 2.18.244.76.80 > 192.168.1.212.42430: Flags [S.], seq 1128095182, ack 2483937157, win 65160, options [mss 1452,sackOK,TS val 527360717 ecr 227351562,nop,wscale 7], length 0
17:28:09.330484 wlan0 In  IP 2.18.244.76.80 > 192.168.1.212.42430: Flags [S.], seq 1128095182, ack 2483937157, win 65160, options [mss 1452,sackOK,TS val 527369228 ecr 227351562,nop,wscale 7], length 0

it seems somehow the SYNACK does arrive at the network interface, but doesn't make it to curl? what could explain that?

16:33:58
@hexa:lossy.networkhexa (clat on linux when)asymmetric pathing16:35:09

Show newer messages

Back to Room ListRoom Version: 6